CodexDominion

Command Console

Executive Suite

  • Why CodexDominion
  • Value Center
  • Pilot Portfolio
  • Benchmarking
  • Evidence Exports
  • ROI Assumptions

Operations

  • Dashboard
  • Command

Platform

  • Modules
  • Knowledge

Solutions

  • Banking

Governance

  • Decisions
  • Workflows
  • Policies
  • Evidence

Risk & Supply

  • Vendors
  • Procurement

Administration

  • Identity Center
  • Observability
  • Trust Center
  • Connectors
  • Users
  • Diagnostics
  • Settings

CodexDominion 5.0

AI Governance Control Plane

Meridian Financial Group

finance · enterprise

Administrator

Trust Center

Cryptographic trust for evidence — hash-chain proofs, signing, timestamping, and independent verification. Mock providers are labeled honestly.

SHA-256 trust layer

Demo datasetStore: Demo Data

Illustrative pilot dataset — figures model a representative enterprise deployment.

2 metrics live in this mode Switch to live data

Platform Trust Score

@merritt/trust-engine
83/ 100
Audit Readiness77% · weight 0.40

Composite examination-readiness score

Evidence Integrity100% · weight 0.35

Append-only hash-chain verification

Cryptographic Signing70% · weight 0.25

Mock signer — labeled, not legally binding until HSM/KMS is configured

Trust Level

Signed (mock)

signed mode

Verification

warning

6 checks

Signature

mock signed

not legally binding

Timestamp

Signing & Timestamping

Signing Status

PAdES-compatible signing abstraction. Mock until an HSM key is configured.

Statusmock signed
AlgorithmECDSA P256 SHA256 (mock)
Legally bindingNo
mock signature — not legally binding

Signer types

Local Developmentactive (mock)
HSMinterface-only
Cloud KMSinterface-only
External CA

Certificate Chain

Certificate Chain

Signing certificate lifecycle — subject, issuer, validity, and revocation.

Chain status:ValidMock chain
CN=CodexDominion Evidence Signing (DEV), O=The Merritt Methods LLC
Leafgood

Issuer: CN=CodexDominion Evidence Issuing CA · valid May 20, 2026 → Jun 25, 2027 · digitalSignature, nonRepudiation

CN=CodexDominion Evidence Issuing CA
Intermediategood

Issuer: CN=CodexDominion Dev Root CA · valid Jun 25, 2025 → Jun 24, 2030 · keyCertSign, digitalSignature

CN=CodexDominion Dev Root CA

Hash Chain Verification

Hash Chain Verification

Each audit event’s hash is re-derived and checked for continuity.

Intact

Events

8

Hashes re-derived

8

Failures

0

Confidence

high

Final chain digest (SHA-256)

0x35ddb268d7ff67558abb7306d10e1157bb8129a20414bebe383f979f790bc3eb

Method: SHA-256 re-derivation + prevHash continuity

Package Verification

Package Verification

Independently verify the trust manifest — hashes, digest, timestamp, signature, and certificate.

Verified (with notes)Signed (mock)
Package digestDigest matches
Audit hash-chain8 hashes re-derived
ProvenanceAll artifacts labeled
Timestamp tokenCodexDominion Mock TSA
SignatureECDSA-P256-SHA256 (mock)
Certificate chainChain valid

Warnings (honest mock disclosures)

  • • Timestamp is from a mock TSA — not a trusted time source.
  • • Signature is a mock signature — not legally binding.
  • • Certificate chain is a mock chain — not anchored to a public root.

Recommended remediation

  • • Configure a real RFC 3161 timestamp authority for trusted timestamps.
  • • Configure an HSM-backed signer (PAdES) for legally-binding signatures.

Verification Reports

Verification Reports

Trust evidence documents — reuse the shared report shell.

mock timestamped

CodexDominion Mock TSA

Hash Chain

Intact

8 hashes re-derived

interface-only

Timestamping Status

RFC 3161-compatible interface. Mock TSA until a real authority is configured.

Statusmock timestamped
AuthorityCodexDominion Mock TSA
Policy1.3.6.1.4.1.99999.1 (mock policy OID)
Hash algorithmSHA 256
mock timestamp — not issued by a trusted TSA
Rootgood

Issuer: CN=CodexDominion Dev Root CA · valid Jun 25, 2024 → Jun 23, 2034 · keyCertSign, cRLSign

Mock certificate chain — not anchored to a publicly trusted root. For development verification only.